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Art Unit: 2131 

1 This action is in response to the communication filed on 1 1/25/2003 . 

2 DETAILED ACTION 

3 Claims 1-39 have been examined. 

4 Title 

5 The title of the invention is not descriptive. A new title is required that is clearly 

6 indicative of the invention to which the claims are directed. 

7 Information Disclosure Statement 

8 The information disclosure statement(s) (IDS) submitted on 2/25/2004, 3/1 8/2004, 

9 5/18/2006 are in compliance with the provisions of 37 CFR 1 .97. Accordingly, the examiner is 

10 considering the information disclosure statements. 

1 1 Drawings 

12 The drawings are objected to because Fig. 14d is labeled "Fig. 14b". Corrected drawing 



1 3 sheets in compliance with 37 CFR 1 . 1 2 1 (d) are required in reply to the Office action to avoid 

14 abandonment of the application. Any amended replacement drawing sheet should include all of 

15 the figures appearing on the immediate prior version of the sheet, even if only one figure is being 

16 amended. The figure or figure number of an amended drawing should not be labeled as 

17 "amended." If a drawing figure is to be canceled, the appropriate figure must be removed from 

1 8 the replacement sheet, and where necessary, the remaining figures must be renumbered and 

19 appropriate changes made to the brief description of the several views of the drawings for 

20 consistency. Additional replacement sheets may be necessary to show the renumbering of the 

21 remaining figures. Each drawing sheet submitted after the filing date of an application must be 

22 labeled in the top margin as either "Replacement Sheet" or "New Sheet" pursuant to 37 CFR 
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1 1 . 121(d). If the changes are not accepted by the examiner, the applicant will be notified and 

2 informed of any required corrective action in the next Office action. The objection to the 

3 drawings will not be held in abeyance. 

4 Specification 

5 Applicant is reminded of the proper language and format for an abstract of the disclosure. 

6 " 

7 The abstract should be in narrative form and generally limited to a single paragraph on 

8 a separate sheet within the range of 50 to 150 words. It is important that the abstract not exceed 

9 150 words in length since the space provided for the abstract on the computer tape used by the 

10 printer is limited. The form and legal phraseology often used in patent claims, such as "means" 

1 1 and "said, " should be avoided. The abstract should describe the disclosure sufficiently to assist 

12 readers in deciding whether there is a need for consulting the full patent text for details. 
13 

14 The language should be clear and concise and should not repeat information given in the 

15 title. It should avoid using phrases which can be implied, such as, "The disclosure concerns, " 

16 "The disclosure defined by this invention, " "The disclosure describes, " etc. 
17 

1 8 The abstract of the disclosure is objected to because: 

19 "The present invention provides" can be implied and therefore should be removed from 

20 the abstract. 

21 Correction is required. See MPEP § 608.01(b). 

22 The disclosure is objected to because of the following informalities: It appears that the 

23 "continuous sequence 01 01 01 02 02 02 03 04" on page 20 line 4 may not be consistent with the 

24 description on page 19-20. It appears that it should read "01 01 01 02 03 03 03 04". 

25 Appropriate correction is required. 

26 Claim Objections 

27 Claims 1-22, 27-28, and 39 are objected to because of the following informalities: 

28 Claims 1-21 and 27-28 recite "the attribute definition field", but there are a plurality of 

29 these fields, and thus the limitation should read "each attribute definition field". 
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1 Claims 1,5, 13, 15, 16, and 27 recite "that matches attribute of which is not 

2 grammatically correct. This should read "that matches an attribute of or "that matches attribute 

3 information of. 

4 Appropriate correction is required. 

5 Claim Rejections - 35 USC § 102 

6 The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 

7 basis for the rejections under this section made in this Office action: 

8 A person shall be entitled to a patent unless - 

9 (e) the invention was described in (I) an application for patent, published under section 

10 122(b), by another filed in the United States before the invention by the applicant for patent or 

11 (2) a patent granted on an application for patent by another filed in the United States before the 

12 invention by the applicant for patent, except that an international application filed under the 

1 3 treaty defined in section 351 (a) shall have the effects for purposes of this subsection of an 

14 application filed in the United States only if the international application designated the United 

15 States and was published under Article 21(2) of such treaty in the English language. 
16 

17 Claims 7, 9, 11, and 29-36 are rejected under 35 U.S.C. 102(e) as being anticipated by 

18 Tan (US Patent Number 6,490,353). 

19 Regarding claim 7, Tan disclosed a data encryption method, the method comprising the 



20 following steps: Step A: constructing encryption definition data containing a plurality of 

21 encryption algorithm module indicators (See Tan Col. 8 Lines 15-24); Step B: inputting digital 

22 data to be encrypted (See Tan Col. 8 Lines 38-54); Step C: from the encryption definition data, 

23 selecting at random an encryption algorithm module indicator (See Tan Col. 10 Lines 37-55); 

24 Step D: with the selected encryption algorithm module indicator as a guide, controlling 

25 encryption processing of the inputted digital data (See Tan Col. 10 Lines 37-55); and Step E: 



Application/Control Number: 1 0/720,2 1 4 Page 5 

Art Unit: 2131 

1 appending decryption information to the digital data that has undergone encryption processing 

2 for subsequent output (See Tan Col. 4 Lines 7-23). 

3 Regarding claim 9, Tan disclosed that the encryption definition data constructed in step A 

4 includes a plurality of encryption algorithm module combinations, each of the encryption 

5 algorithm module combinations including an encryption algorithm module indicator and an 

6 authentication algorithm module indicator, an encryption algorithm module combination being 

7 selected at random from the retrieved encryption definition data in step C, the selected 

8 encryption algorithm module combination being used as a guide for controlling encryption 

9 processing, including the type of encryption and the type of authentication, of the inputted digital 

10 data in step D (See Tan Col. 7 Lines 13-25). 

1 1 Regarding claim 1 1 , Tan disclosed A data encryption method, the method comprising the 

12 following steps: Step A: constructing an encryption module database for storing a plurality of 

13 entries of records of data, each of the entries of records containing an encryption algorithm 

14 module indicator and an authentication algorithm module indicator (See Tan Col. 7 Lines 13-25 

15 and Col. 8 Lines 15-24); Step B: constructing encryption definition data which includes a 

16 plurality of encryption module database indexes (See Tan Col. 8 Lines 15-24); Step C: inputting 

17 digital data to be encrypted(See Tan Col. 8 Lines 38-54); Step D: from the encryption definition 

18 data, selecting at random an encryption module database index (See Tan Col. 10 Lines 37-55); 

19 Step E: according to the retrieved encryption module database index, selecting an entry of record 

20 from the encryption module database (See Tan Col. 10 Lines 37-55); Step F: with the selected 

21 entry of record as a guide, controlling encryption processing, including the type of encryption 

22 and the type of authentication, of the inputted digital data (See Tan Col. 10 Lines 37-55); and 
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1 Step G: appending decryption information to the digital data that has undergone encryption for 

2 subsequent output (See Tan Col. 4 Lines 7-23). 

3 Regarding claim 29, Tan disclosed a data decryption method, the method comprising the 

4 following steps: Step A: inputting digital data to be decrypted (See Tan Col. 10 Line 64 - Col. 1 1 

5 Line 4); Step B: inspecting whether the digital data includes a decryption algorithm module 

6 indicator and, in the affirmative, retrieving the decryption algorithm module indicator or, in the 

7 negative, setting the data to be decrypted as equivalent to inputted data for subsequent processing 

8 in step D (See Tan Col. 13 Lines 4-39 and Col. 8 Lines 3-6); Step C: with the retrieved 

9 decryption algorithm module indicator as a guide, controlling decryption processing of the 

10 inputted digital data (See Tan Col. 13 Lines 4-39); and Step D: outputting the digital data that 

1 1 has undergone decryption (See Tan Col. 13 Lines 4-39). 

12 Regarding claim 3 1 , Tan disclosed a data decryption method, the method comprising the 

13 following steps: Step A: constructing a decryption module database for storing a plurality of 

14 entries of records of data, each of the entries of records being a decryption algorithm module 

15 indicator (See Tan Col. 4 Lines 7-23); Step B: inputting digital data to be decrypted (See Tan 

16 Col. 10 Line 64 - Col. 1 1 Line 4); Step C: inspecting whether the digital data includes a 

17 decryption module database index and, in the affirmative, retrieving the decryption module 

1 8 database index or, in the negative, setting the data to be decrypted as equivalent to inputted data 

19 for subsequent processing in step F (See Tan Col. 13 Lines 4-39 and Col. 8 Lines 3-6); Step D: 

20 with the retrieved decryption module database index as a guide, selecting an entry of record from 

21 the decryption module database (See Tan Col. 13 Lines 4-39); Step E: with the selected entry of 

22 record as a guide, controlling decryption processing of the inputted digital data (See Tan Col. 13 
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1 Lines 4-39); and Step F: outputting the digital data that has undergone decryption (See Tan Col. 

2 13 Lines 4-39). 

3 Regarding claim 33, Tan disclosed a data decryption apparatus, the apparatus having an 

4 input portion for input of data and an output portion for output of data after decryption 

5 processing thereof (See Tan Col. 10 Line 64 - Col. 1 1 Line 4), the apparatus further comprising: 

6 an inspecting portion for inspecting whether the data inputted via the input portion includes a 

7 decryption algorithm module indicator and, in the affirmative, retrieving the decryption 

8 algorithm module indicator or, in the negative, transmitting the inputted data directly to the 

9 output portion (See Tan Col. 13 Lines 4-39 and Col. 8 Lines 3-6); and a decryption processing 

10 portion for controlling decryption processing of the inputted digital data using the decryption 

1 1 algorithm module indicator retrieved by the inspecting portion as a guide (See Tan Col. 13 Lines 

12 4-39). 

13 Regarding claims 30, 32, and 34, Tan disclosed that the inspecting portion inspects 

14 whether the data inputted via the input port ion includes a decryption algorithm module 

15 combination, the decryption algorithm module combination including a decryption algorithm 

16 module indicator and an authentication algorithm module indicator, and, in the affirmative, 

17 retrieves the decryption algorithm module combination or, in the negative, transmitting directly 

1 8 the inputted data to the output portion, the decryption processing portion controlling the 

19 decryption processing, including the type of decryption and the type of authentication, of the 

20 inputted digital data using the decryption algorithm module indicator retrieved by the inspecting 

21 portion as a guide (See Tan Col. 7 Lines 13-25). 
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1 Regarding claim 35, Tan disclosed a decryption module database for storing a plurality of 

2 entries of records of data, each of the entries of records containing a decryption algorithm 

3 module indicator, the inspecting portion inspecting whether the data inputted via the input 

4 portion includes a decryption module database index and, in the affirmative, retrieving the 

5 decryption module database index and further retrieving an entry of record from the decryption 

6 module database using the index or, in the negative, transmitting directly the inputted data to the 

7 output portion, the decryption processing portion controlling the decryption processing of the 

8 inputted digital data using the entry of record retrieved by the inspecting portion as a guide (See 

9 Tan Col. 4 Lines 7-23 and Col. 13 Lines 4-39). 

10 Regarding claim 36, Tan disclosed that the decryption module database stores a plurality 

11 of entries of records of data, each of the entries of records containing a decryption algorithm 

12 module indicator and an authentication algorithm module indicator, the decryption processing 

13 portion controlling decryption processing, including the type of decryption and the type of 

14 authentication, using the entry of record retrieved by the inspecting portion as a guide (See Tan 

15 Col. 7 Lines 13-25). 
16 

17 



1 8 Claim Rejections - 35 USC §103 

19 The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

20 obviousness rejections set forth in this Office action: 

21 A patent may not be obtained though the invention is not identically disclosed or 

22 described as set forth in section 102 of this title, if the differences between the subject matter 

23 sought to be patented and the prior art are such that the subject matter as a whole would have 

24 been obvious at the time the invention was made to a person having ordinary skill in the art to 
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1 which said subject matter pertains. Patentability shall not be negatived by the manner in which 

2 the invention was made. 
3 

4 

5 Claims 1,3,5, 13-15, 18, 20, 22, 25, 28, and 37-38 are rejected under 35 U.S.C. 103(a) as 

6 being unpatentable over Tan (US Patent Number 6,490,353). 

7 Regarding claim 1, Tan disclosed a data encryption method (See Tan Fig. 13), the 

8 method including the following steps: Step A: constructing a security class database for storing a 

9 plurality of entries of records of data (See Tan Col. 8 Lines 1 8-24 pool of securithms), each of 

10 the entries of records including a corresponding encryption definition field, the encryption 

1 1 definition field including a plurality of encryption algorithm module indicators (See Tan Col. 7 

12 Line 65 - Col. 8 Line 37); Step B: inputting digital data to be encrypted (See Tan Col. 8 Lines 

13 38-54); Step C: from the security class database, retrieving the corresponding encryption 

14 definition data (See Tan Col. 8 Lines 15-25 Library); Step D: from the retrieved encryption 

15 definition data, selecting at random an encryption algorithm module indicator (See Tan Col. 10 

16 Lines 37-55); Step E: with the selected encryption algorithm module indicator as a guide, 

17 controlling encryption processing of the inputted digital data (See Tan Col. 10 Lines 37-55); and 

18 Step F: appending decryption information to the digital data that has undergone encryption 

19 processing for subsequent output (See Tan Col. 4 Lines 7-23), but Tan failed to disclose each 

20 record also including a data attribute description field; or finding a data attribute description that 

21 matches attribute of the digital data. However, Tan did disclose that the choice of complexity of 

22 the securithms might be determined by the user based on the security and sensitivity level of the 

23 data in part, or in whole, purpose of the communication, or other factors or policies, and that 
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1 depending on the requirements of the application, users, or policy a library of the securithms 

2 from the pool are arbitrarily selected (See Tan Col. 8 Lines 15-25). 

3 It would have been obvious to the ordinary person skilled in the art at the time of 

4 invention to have included an indication of the complexity level of each securithm in the pool. 

5 This would have been obvious because the ordinary person skilled in the art would have been 

6 motivated to allow the system to easily identify the complexity of each securithm when 

7 determining which securithms were complex enough for the policy regarding the data being 

8 encrypted. 

9 Regarding claim 5, Tan disclosed a data encryption method, the method comprising the 

10 following steps: Step A: constructing an encryption module database for storing a plurality of 

1 1 entries of records of data, each of the entries of records containing an encryption algorithm 

12 module indicator and an authentication algorithm module indicator (See Tan Col. 8 Lines 18-24 

13 pool and Col. 7 Lines 14-25); Step C: inputting digital data to be encrypted (See Tan Col. 8 

14 Lines 38-54); Step D: finding a data attribute description that matches attribute of the digital 

15 data, and retrieving the corresponding encryption definition data (See Tan Col. 8 Lines 15-25 

16 Library); Step E: from the retrieved encryption definition data, selecting at random an encryption 

17 module database index (See Tan Col. 10 Lines 37-55); Step F: according to the retrieved 

1 8 encryption module database index, selecting an entry of record from the encryption module 

19 database (See Tan Col. 10 Lines 37-55); Step G: with the selected entry of record as a guide, 

20 controlling encryption processing, including the type of encryption and the type of 

21 authentication, of the inputted digital data (See Tan Col. 10 Lines 37-55); and Step H: appending 

22 decryption information to the digital data that has undergone encryption processing for 
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1 subsequent output (See Tan Col. 4 Lines 7-23), but Tan failed to disclose Step B: constructing a 

2 security class database for storing a plurality of entries of records of data, each of the entries of 

3 records containing a data attribute description field and a corresponding encryption definition 

4 field, the encryption definition field including a plurality of encryption module database indexes. 

5 However, Tan did disclose that the choice of complexity of the securithms might be determined 

6 by the user based on the security and sensitivity level of the data in part, or in whole, purpose of 

7 the communication, or other factors or policies, and that depending on the requirements of the 

8 application, users, or policy a library of the securithms from the pool are arbitrarily selected (See 

9 Tan Col. 8 Lines 15-25). 

10 It would have been obvious to the ordinary person skilled in the art at the time of 

1 1 invention to have included an indication of the complexity level of each securithm in the pool. 

12 This would have been obvious because the ordinary person skilled in the art would have been 

13 motivated to allow the system to easily identify the complexity of each securithm when 

14 determining which securithms were complex enough for the policy regarding the data being 

15 encrypted. 

16 Regarding claim 13, Tan disclosed a data encryption method, the method comprising the 

17 following steps: Step A: constructing a security class database for storing a plurality of entries of 

1 8 records of data, each of the entries of records containing a corresponding encryption definition 

19 field, the encryption definition data field being an encryption algorithm module indicator (See 

20 Tan Col. 8 Lines 15-25); Step B: inputting digital data to be encrypted (See Tan Col. 8 Lines 38- 

21 54); Step C: retrieving the encryption algorithm module indicator of the corresponding 

22 encryption definition field (See Tan Col. 8 Lines 15-25); Step D: with the selected encryption 
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1 algorithm module indicator as a guide, controlling encryption processing of the inputted digital 

2 data (See Tan Col. 10 Lines 37-55); and Step E: appending decryption information to the digital 

3 data that has undergone encryption processing for subsequent output(See Tan Col. 4 Lines 7-23), 

4 but Tan failed to disclose each of the entries of records containing a data attribute description 

5 field; or from the security class database, finding a data attribute description that matches 

6 attribute of the digital data. However, Tan did disclose that the choice of complexity of the 

7 securithms might be determined by the user based on the security and sensitivity level of the data 

8 in part, or in whole, purpose of the communication, or other factors or policies, and that 

9 depending on the requirements of the application, users, or policy a library of the securithms 

10 from the pool are arbitrarily selected (See Tan Col. 8 Lines 15-25). 

11 It would have been obvious to the ordinary person skilled in the art at the time of 

12 invention to have included an indication of the complexity level of each securithm in the pool. 

13 This would have been obvious because the ordinary person skilled in the art would have been 

14 motivated to allow the system to easily identify the complexity of each securithm when 

15 determining which securithms were complex enough for the policy regarding the data being 

16 encrypted. 

17 Regarding claim 15, Tan disclosed a data encryption method, the method including the 

18 following steps: Step A: constructing an encryption module database for storing a plurality of 

19 entries of records of data, each of the entries of records containing an encryption algorithm 

20 module indicator and an authentication algorithm module indicator (See Tan Col. 8 Lines 15-25); 

21 Step C: inputting digital data to be encrypted (See Tan Col. 8 Lines 38-54); Step D: retrieving 

22 the encryption module database index from the corresponding encryption definition field (See 
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1 Tan Col. 8 Lines 15-25); Step E: with the retrieved encryption module database index as a guide, 

2 selecting an entry of record from the encryption module database (See Tan Col. 8 Lines 38-54); 

3 Step F: with the selected entry of record as a guide, controlling encryption processing, including 

4 the type of encryption and the type of authentication, of the inputted digital data (See Tan Col. 8 

5 Lines 38-54); and Step G: appending decryption information to the digital data that has 

6 undergone encryption processing for subsequent output (See Tan Col. 4 Lines 7-23) however, 

7 Tan failed to disclose Step B: constructing a security class database for storing a plurality of 

8 entries of records of data, each of the entries of records containing a data attribute description 

9 field and a corresponding encryption definition field, the encryption definition data field being an 

10 encryption module database index; or Step D: from the security class database, finding a data 

1 1 attribute description that matches attribute of the digital data, and retrieving the encryption 

12 module database index from the corresponding encryption definition field. However, Tan did 

13 disclose that the choice of complexity of the securithms might be determined by the user based 

14 on the security and sensitivity level of the data in part, or in whole, purpose of the 

15 communication, or other factors or policies, and that depending on the requirements of the 

16 application, users, or policy a library of the securithms from the pool are arbitrarily selected (See 

17 Tan Col. 8 Lines 15-25). 

18 It would have been obvious to the ordinary person skilled in the art at the time of 

19 invention to have included an indication of the complexity level of each securithm in the pool, 

20 and selecting the securithm based upon an appropriate complexity level required for the input 

21 data. This would have been obvious because the ordinary person skilled in the art would have 

22 been motivated to allow the system to easily identify the complexity of each securithm when 
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1 determining which securithms were complex enough for the policy regarding the data being 

2 encrypted. 

3 Regarding claim 16, Tan disclosed a data encryption apparatus, the apparatus having an 

4 input portion for input of data and an output portion for output of data after encryption 

5 processing thereof, the apparatus further comprising: a security class database for storing a 

6 plurality of entries of records of data, a corresponding encryption definition field, the encryption 

7 definition field including a plurality of encryption algorithm module indicators (See Tan Col. 8 

8 Lines 15-25); an attribute inspecting portion for finding from the security class database a data 

9 attribute description that matches attribute of the digital data sent from the inspecting portion and 

10 for transmitting the corresponding encryption definition data to a encryption selecting portion 

1 1 (See Tan Col. 8 Lines 15-25); the encryption selecting portion, which selects at random an 

12 encryption algorithm module indicator from the retrieved encryption definition data (See Tan 

13 Col. 8 Lines 38-54); and an encryption processing portion for controlling encryption processing 

14 of the inputted digital data using the encryption algorithm module indicator selected by the 

15 encryption selecting portion as a guide (See Tan Col. 8 Lines 38-54), but Tan failed to 

16 specifically disclose each of the entries of records containing a data attribute description field; an 

17 inspecting portion for inspecting and separating the data inputted via the input portion into 

1 8 parameter data or digital data; a parameter processing portion for updating the security class 

19 database with the parameter data sent from the inspecting portion. However, Tan did disclose 

20 that the choice of complexity of the securithms might be determined by the user based on the 

21 security and sensitivity level of the data in part, or in whole, purpose of the communication, or 

22 other factors or policies, and that depending on the requirements of the application, users, or 
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1 policy a library of the securithms from the pool are arbitrarily selected (See Tan Col. 8 Lines 15- 



4 invention to have included an indication of the complexity level of each securithm in the pool, to 

5 have automatically determined the input data type and selecting the securithm based upon an 

6 appropriate complexity level required for the input data type. This would have been obvious 

7 because the ordinary person skilled in the art would have been motivated to allow the system to 

8 easily identify the complexity of each securithm when determining which securithms were 

9 complex enough for the policy regarding the data type being encrypted. 

10 Regarding claim 23, Tan disclosed a data encryption apparatus, the apparatus having an 

1 1 input portion for input of data and an output portion for output of data after encryption 

12 processing thereof, the apparatus further comprising: a encryption module database for storing a 

13 plurality of entries of records of data, each of the entries of records containing an encryption 

14 algorithm module indicator (See Tan Col. 8 Lines 15-25); a encryption selecting portion for 

15 selecting at random an entry of record from the encryption module database (See Tan Col. 8 

16 Lines 38-54); and an encryption processing portion for controlling encryption processing of the 

17 inputted digital data using the entry of record selected by the encryption selecting portion as a 

18 guide (See Tan Col. 8 Lines 38-54), but Tan failed to specifically disclosed an inspecting portion 

19 for inspecting and separating the data inputted via the input portion into parameter data or digital 

20 data; a parameter processing portion for updating the encryption module database using the 

21 parameter data from the inspecting portion. However, Tan did disclose that the choice of 

22 complexity of the securithms might be determined by the user based on the security and 



2 



25). 



3 



It would have been obvious to the ordinary person skilled in the art at the time of 
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1 sensitivity level of the data in part, or in whole, purpose of the communication, or other factors 

2 or policies, and that depending on the requirements of the application, users, or policy a library 

3 of the securithms from the pool are arbitrarily selected (See Tan Col. 8 Lines 15-25). 

4 It would have been obvious to the ordinary person skilled in the art at the time of 

5 invention to have included an indication of the complexity level of each securithm in the pool, 

6 and selecting the securithm based upon an appropriate complexity level required for the input 

7 data. This would have been obvious because the ordinary person skilled in the art would have 

8 been motivated to allow the system to easily identify the complexity of each securithm when 

9 determining which securithms were complex enough for the policy regarding the data being 

10 encrypted. 

1 1 Regarding claim 27, Tan disclosed a data encryption apparatus, the apparatus having an 

12 input portion for input of data and an output portion for output of data after encryption 

13 processing thereof, the apparatus further comprising: a security class database for storing a 

14 plurality of entries of records of data, each of the entries of records containing a corresponding 

15 encryption definition field, the encryption definition field being an encryption algorithm module 

16 indicator (See Tan Col. 8 Lines 15-25); and the encryption processing portion for controlling 

17 encryption processing of the inputted digital data using the encryption algorithm module 

18 indicator selected as a guide (See Tan Col. 8 Lines 38-54), but Tan failed to specifically disclose 

19 a security class database for storing a plurality of entries of records of data, each of the entries of 

20 records containing a data attribute description field and an inspecting portion for inspecting and 

2 1 separating the data inputted via the input portion into parameter data or digital data; a parameter 

22 processing portion for updating the security class database with the parameter data from the 
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1 inspecting portion; an attribute inspecting portion for finding from the security class database a 

2 data attribute description that matches attribute of the digital data sent from the inspecting 

3 portion and for transmitting the corresponding encryption definition data to an encryption 

4 processing portion. However, Tan did disclose that the choice of complexity of the securithms 

5 might be determined by the user based on the security and sensitivity level of the data in part, or 

6 in whole, purpose of the communication, or other factors or policies, and that depending on the 

7 requirements of the application, users, or policy a library of the securithms from the pool are 

8 arbitrarily selected (See Tan Col. 8 Lines 1 5-25). 

9 It would have been obvious to the ordinary person skilled in the art at the time of 

10 invention to have included an indication of the complexity level of each securithm in the pool, 

1 1 and selecting the securithm based upon an appropriate complexity level required for the input 

12 data. This would have been obvious because the ordinary person skilled in the art would have 

13 been motivated to allow the system to easily identify the complexity of each securithm when 

14 determining which securithms were complex enough for the policy regarding the data being 

15 encrypted. 

16 Regarding claims 3, 14, 18, 25, and 28, Tan disclosed that the encryption definition field 

17 in the security class database constructed in step A is an encryption algorithm module 

1 8 combination, the encryption algorithm module combination including an encryption algorithm 

19 module indicator and an authentication algorithm module indicator, data of an encryption 

20 algorithm module combination of the corresponding encryption definition field being retrieved in 

21 the step C of finding from the security class database the data attribute description that matches 

22 the attribute of the digital data, the selected encryption algorithm module combination being used 
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1 in step D as a guide for controlling encryption processing, including the type of encryption and 

2 the type of authentication, of the inputted digital data (See Tan Col. 7 Lines 13-25). 

3 Regarding claim 20, Tan disclosed an encryption module database for storing a plurality 

4 of entries of records of data, each of the entries of records containing an encryption algorithm 

5 module indicator and an authentication algorithm module indicator(See Tan Col. 7 Lines 13-25); 

6 the encryption definition field of the security class database including a plurality of encryption 

7 module database indexes(See Tan Col. 8 Lines 15-25); the encryption selecting portion selecting 

8 at random an encryption module database index from the retrieved encryption definition data 

9 and, according to the retrieved encryption module database index, and selecting an entry of 

10 record from the encryption module database(See Tan Col. 8 Lines 38-54); the encryption 

1 1 processing portion using the entry of record selected by the encryption selecting portion as a 

12 guide to control encryption processing, including the type of encryption and the type of 

13 authentication, of the inputted digital data(See Tan Col. 8 Lines 38-54). 

14 Regarding claim 22, Tan disclosed that the parameter processing portion updates the 

15 security class database and the encryption module database using the parameter data sent from 

16 the inspecting portion (See Tan Col. 8 Lines 15-25). 

17 Regarding claim 37, Tan disclosed the claimed decryption system including inspecting 

18 whether the digital data includes a decryption module database index and, in the affirmative, 

19 retrieving the decryption module database index and further retrieving an entry of record from 

20 the decryption module database using the index and, in the negative, transmitting directly the 

21 inputted data to the output portion (See Tan Col. 8 Lines 3-25 and Col. 13 Lines 4-39) but failed 

22 to specifically disclose a parameter processing portion for updating the decryption module 
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1 database using parameter data, the inspecting portion inspecting and separating the data inputted 

2 via the input portion into parameter data or digital data and, if the inputted data is parameter data, 

3 transmitting the same to the parameter processing portion and, if the inputted data is digital data. 

4 However, Tan did disclose that the choice of complexity of the securithms might be determined 

5 by the user based on the security and sensitivity level of the data in part, or in whole, purpose of 

6 the communication, or other factors or policies, and that depending on the requirements of the 

7 application, users, or policy a library of the securithms from the pool are arbitrarily selected (See 

8 Tan Col. 8 Lines 15-25). 

9 It would have been obvious to the ordinary person skilled in the art at the time of 

10 invention to have included an indication of the complexity level of each securithm in the pool, 

1 1 and selecting the securithm based upon an appropriate complexity level required for the input 

12 data. This would have been obvious because the ordinary person skilled in the art would have 

13 been motivated to allow the system to easily identify the complexity of each securithm when 

14 determining which securithms were complex enough for the policy regarding the data being 

15 encrypted. 

16 Regarding claim 38, Tan disclosed the decryption module database stores a plurality of 

17 entries of records of data, each of the entries of records containing a decryption algorithm 

1 8 module indicator and an authentication algorithm module indicator, the decryption processing 

19 portion controlling decryption processing, including the type of decryption and the type of 

20 authentication, of the inputted digital data using the entry of record retrieved by the inspecting 

21 portion as a guide (See Tan Col. 7 Lines 13-25 and Col. 13 Lines 4-39). 
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1 Claims 2, 4, 6, 8, 10, 12, 17, 19, 21, 24, 26, and 39 are rejected under 35 U.S.C. 103(a) as 

2 being unpatentable over Tan as applied to claims 1, 5, 7, 11, 16, 23, and 27 above, and further in 

3 view of Kim et al. (US Patent Number 6,499,127) hereinafter referred to as Kim. 

4 Tan disclosed randomly selecting one algorithm from a set of algorithms randomly and 

5 that the encryption definition field in the security class database constructed in step A includes a 

6 plurality of encryption algorithm module indicators and corresponding proportions adopted 

7 thereby (See Tan Col. 8 Lines 15-25 and Col. 9 Lines 34-40), but failed to specifically disclose 

8 an encryption algorithm module indicator being selected from the retrieved encryption definition 

9 data in step D according to each of the encryption algorithm module indicators and the 

10 corresponding proportions adopted thereby in cooperation with a random number generator and a 

1 1 MOD operation. 

12 Kim teaches a method for selecting a number in a range randomly comprising 

13 determining the size of the range, generating a random number, and taking the random number 

14 modulo the size of the range (See Kim Col. 23 Paragraph 1). 

15 It would have been obvious to the ordinary person skilled in the art at the time of 

16 invention to employ the teachings of Kim in the random algorithm system of Tan by selecting 

17 the algorithm randomly from the seed by generating a random number and then taking the 

1 8 random number MOD the number of entries in the seed. This would have been obvious because 

19 the ordinary person skilled in the art would have been motivated to select the algorithm 

20 randomly as taught by Tan. 
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1 Regarding claim 39, Tan disclosed that the parameter processing portion updates the 

2 security class database and the encryption module database using the parameter data sent from 

3 the inspecting portion (See Tan Col. 8 Lines 15-25). 

4 Conclusion 

5 Claims 1-39 have been rejected. 

6 Any inquiry concerning this communication or earlier communications from the 

7 examiner should be directed to MATTHEW T. HENNING whose telephone number is 

8 (571)272-3790. The examiner can normally be reached on M-F 8-4. 

9 If attempts to reach the examiner by telephone are unsuccessful, the examiner's 

10 supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 

1 1 organization where this application or proceeding is assigned is 571-273-8300. 

12 Information regarding the status of an application may be obtained from the Patent 



13 Application Information Retrieval (PAIR) system. Status information for published applications 

14 may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 

15 applications is available through Private PAIR only. For more information about the PAIR 

16 system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 

1 7 system, contact the Electronic Business Center (EBC) at 866-2 1 7-9 1 97 (toll-free). If you would 

18 like assistance from a USPTO Customer Service Representative or access to the automated 

19 information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
20 
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